Listen to post:
Unsolved Remote Access Challenges Continue to Propel SASE in 2023, Finds New Cato Survey
By all accounts, 2023 is expected to see strong growth in the SASE market. Gartner has already predicted in The Top 5 Trends in Enterprise Networking and Why They Matter: A Gartner Trend Insight Report (subscription required) that by 2025, 50% of SD-WAN purchases will be part of a single vendor SASE offering, up from less than 10% in 2021. And in a recent audience poll at Gartner’s I&O Cloud conference, audience members were asked which of the five technologies were they most likely to invest in, 31% indicated SASE, making number two overall just behind Universal ZTNA (at 34%).
And Gartner isn’t the only one expecting SASE to perform well this year. Dell’Oro expects the SASE market to reach $8 billion in 2023. The drivers for this activity? The need for security everywhere particularly driven by hybrid work. “The internet is now a logical extension of the corporate network, and the need for security is as great as ever,” Dell’Oro Research Director Mauricio Sanchez told SDxCentral.
We couldn’t agree more. We just finished surveying more than 1661 IT leaders around 2023 SASE drivers for adoption. The survey gathered insight into their experiences with SASE and, for those who have not yet deployed SASE, the IT challenges confronting them moving forward.
What’s so striking when you look the data is the role remote access plays. More than half (51%) of respondents who have not yet adopted any kind SASE point to enabling remote access from anywhere as their number one challenge. The same is true for “Adopt zero trust security posture for all access.”
Why Remote Access VPNs Are Not the Answer for Hybrid Work
There are any number of reasons for why enterprises are looking at replacing legacy remote access solutions. “Traditional approaches anchored only to on-premises solutions at the corporate internet gateway no longer work in the new ‘anywhere, anytime, with any device’ environment that the pandemic accelerated, SDxCentral quoted Sanchez.”Have it the Old Way or Enjoy the SASE Way | Download the White Paper
More specifically, legacy VPNs suffer from five key problems:
- Scaling and capacity Issues. VPN servers have a limited amount of capacity, as more users connect, performance degrades, and the user experience suffers. To increase VPN server capacity, IT must deploy new appliances or upgrade existing ones. Security and performance optimization challenges requires additional appliances to be purchased, deployed, and integrated, which only increases network complexity.
- Lack of granular security controls. Generally, point solutions restrict access at the network-level. Once a user authenticates, they have network access to everything on the same subnet. This lack of granular security and visibility creates a significant risk and leaves gaps in network visibility.
- Poor performance. All too often, remote users complain about their sluggishness of corporate application when access remotely. Part of that is an architecture issue, particularly when traffic needs to brought back to an inspection point, adding latency to the session. VPN traffic is also susceptible to the unpredictability and latency of Internet routing.
- Rotten user experience. Remote users struggle with connecting using legacy VPN software. Too many parameters have to be configured to connect properly. Where once this might have been tolerated by a small subset of remote users, it becomes a very different story when the entire workforce operates remotely.
- Growing security risk. VPN infrastructure itself has all too frequently been the target of attack. A brief search in the MITRE CVE database for “VPN Server” shows 622 CVE records. VPN servers showed so many security vulnerabilities that CERT warned that many VPN devices were storing session cookies improperly.
It shouldn’t be surprising to learn, then, that when we asked IT leaders further down the SASE adoption curve as to what triggered their SASE transformation project, “remote access VPN refresh” was the most common response (46%)
SASE: The Answer to the Hybrid Work Challenge
SASE answers those challenges by enabling work to occur anywhere, securely and efficiently. As part of a SASE platform, remote access benefits from the scaling of a cloud-native architecture. There’s no need to add server resources to accommodate of users who suddenly need remote access. “Deployment was quick. In a matter of 30 minutes, we configured the Cato mobile solution with single-sign-on (SSO) based on our Azure AD,” says Edo Nakdimon, senior IT manager at Geosyntec Consultants, who had more than 1200 users configured for remote access in less than an hour with the Cato SASE Cloud.
Zero-trust is just part of the SSE pillar of a single-vendor SASE platform, giving IT granular control over remote user resource access. Security is improved by eliminating the VPN servers so frequently and object of attack. And remote user performance improves by inspecting traffic in the PoP right near the user’s location and then sending traffic out to other location across the SASE platform’s global optimized backbone not the unpredictable Internet.
No wonder those IT leaders who did adopt SASE, indicated they were able to address the remote access challenge. When asked, “As a SASE user what are the key benefits you got from SASE?” “Enable Remote Access from Anywhere” as the highest ranked benefit (57% of respondents) followed by “Adopt zero trust security posture for all access” at 47% of respondents.
All of which makes remote access a “quick win” for anyone looking to deploy SASE.